DOCKET NO.: MSFT-53 10/307233.01 PATENT 
Application No.: 10/806,020 
Office Action Dated: May 6, 2009 

REMARKS 

Claims 1, 3-7, 10, 12-20, 28-31, and 33-34 are pending in the application. Claim 36 is 
canceled. Claims 1,10, 12, and 28 are amended with support for the amendments found at least 
in paragraph [0047] and Fig. 4 of the as-filed specification and drawings. Claims 1, 3-7, 10, 12- 

20, 28-31, and 33-34 presently stand rejected. 

Telephone Conversation With Examiner 

Examiner Pan is thanked for the telephone conversation conducted on July 30, 2009. 
Proposed claim amendments were discussed. Asserted art was discussed. Clarifying 
amendments to better place the application in condition for allowance were discussed. No 
agreements were reached. 

Regarding the Claim Objections 

Claim 10 is objected to as not providing antecedent basis for the term "the cancellation 
server." Claim 10 has been amended to recite "the first cancellation server." Reconsideration is 
respectfiiUy requested. 

Regarding the Rejections under 35 U.S.C. §103 

Claims 1, 3-7, 10, 12-20, 28-31, and 33-34 are rejected under 35 U.S.C. 103(a) as being 
unpatentable over Juels et al. (US Patent No. 7,197,639, hereinafter "Juels") in view of 
Landsman et al. (US Patent Pub. No. 2005/0055410, hereinafter "Landsman") in fijrther view of 
Bala et al. (US Patent Pub. No. 2008/0189158, hereinafter "Bala"). These rejections are 
respectfiiUy traversed. 

Juels relates to cryptographic communications methods and systems that protect a server 
from a connection depletion attack. Landsman relates to managing electronic messages and 
computer systems sending one, two, or more challenge messages to the sender of the electronic 
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messages in determining whether to deliver an electronic message. Bala relates to a process for 
distributed decision making in a supply chain risk assessment activity. 



Juels and Landsman, whether considered separately or in combination, neither disclose 
nor suggest "communicatively connecting a plurality of cancellation servers through a 
coordinating cancellation server," for "validating the identifier by verifying that the identifier 
does not already exist in the database in the first cancellation server or the database in the second 
cancellation server through a direct query by the first cancellation server of a database within the 
second cancellation server" where "upon validating, canceling the cryptographic puzzle by 
storing in each database in each cancellation server in communication with the coordinating 
cancellation server the identifier or information derived from the identifier" as recited in claims 1 
and 28, nor "receiving a REJECT response directly from the second cancellation server 
communicatively coupled to the coordinating cancellation server as a result of the identifier 
being already present in a database of the second cancellation server" as recited in claim 12. 

The Office Action asserts that Juels teaches the validation that a received identifier does 
not exist in the database associated with a second cancellation server in Col. 16, lines 25-27, 
however, it does not. Juels in Col. 16, lines 25-27 merely asserts that ''the server does not accept 
more than one, or more than a limited number of solutions to a particular puzzle from a client." 
There is no disclosure or teaching for either a validation process to ensure that an identifier does 
not exist in a second cancellation server, or that the received identifier is even associated with a 
database on any cancellation server as recited in claims 1, 12, and 28. Neither Landsman nor 
Bala remedy this lack of disclosure. Landsman is silent with regard to a database associated with 
a cancellation server, and Bala simply reads decisions from a database for use in a decision- 
making process and neither discloses nor teaches the ability to verify that decision identifiers do 
not exist in an associated database. Thus, the Landsman and Bala references do not provide the 
remedy for the lack of disclosure in Jules. 
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The Office Action seems to assert that the server referenced in Col. 19, lines 38-47 of 
Juels discloses the function of a cancellation server. However, the server disclosed in Col. 19 is 
a security server that ensures that a puzzle may not be used more than once by verifying that in 
each of a plurality of received messages a particular puzzle is used only once (see lines 27-47). 
Juels teaches away from the use of a database for submitting or solving cryptographic puzzles, or 
maintaining any information concerning the validation of users at all. In Col 16, lines 41-48 
Juels discloses "it is desirable that the server 120 be able to verify, via the computational task 
solution verifier 150 (FIG. 1), without the use of a database containing puzzle imposition history 
data, or any other data, that a puzzle solution presented by a client" (emphasis added) and, in 
lines 50-52 that "This mechanism can also be referred to as a "stateless, memory less or history 
less" method of the server 120 to process the return of previously imposed puzzles." This 
disclosure is not the same as a cancellation server that maintains a database of puzzles for use in 
validating an incoming message by ensuring that a puzzle identifier docs not already exist in a 
database maintained on the cancellation server. In addition, there is no disclosure in Jules for the 
existence of a coordinating cancellation server that validates that a puzzle does not already exist 
(has been used) in multiple databases on more than one cancellation server. Thus, not only does 
Juels not disclose or suggest that it is desirable to couple a cancellation server with a database 
containing previously available puzzle information, or that a coordinating cancellation server 
may broaden the reach of the validation fiinction, but also that Juels teaches away from this 
concept and toward a concept that onfy real-time, stateless, ad hoc cryptographic puzzle 
solutions are adequate to insure the security of the messages to be sent. Thus, Jules does not 
disclose the subject matter of claims 1 and 28, and Jules teaches away from the subject matter of 
claims 1, 12, and 28. 

Combining Landsman with Juels does not cure the deficiencies of Juels. Landsman 
discloses "a challenge generation module 48 of a challenge module 42 of the recipient server 16 
may determine whether the sender is designated in a sender database 56 as being authorized (or 
unauthorized) to send electronic messages to the recipient" as the use of a database. This is 
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completely different from a cancellation server coupled to a database that is used by the recipient 
(emphasis added) to verify that data security of an incoming message has not been violated. In 
addition, Landsman is completely silent with regard to a coordinating cancellation server for the 
validation of a plurality of database entries across multiple cancellation servers. Therefore, 
Landsman does not provide the disclosure to remedy the lack of teaching in Juels for the claim 
features as recited in claims 1 and 28. Thus, the combination of Juels and Landsman does not 
provide the teaching to render claims 1 and 28 obvious. 

The Office Action, on page 4, admits that Jules does not specifically disclose or teach "a 
coordinating cancellation server." Applicants agree with this statement. However, this is not the 
only lack in Jules. Jules also does not disclose or teach "validating the received identifier fiirther 
at the first cancellation server by directly querying the second cancellation server." The Office 
Action must look to the Bala reference to remedy the lack of this feature in Jules. The Office 
Action seems to assert that this feature of the independent claims is taught by Bala in Fig. 1 
(element "Mediator") and paragraph [0056] of Bala, however, it does not. The mediator process 
that is identified in Bala is simply a data sieve through which risks patterns fi-om previously 
collected decisions are filtered based upon a rule set. There is no disclosure or teaching of a 
cancellation server in Bala, where the cancellation servers validate the existence of a received 
identifier within a database and, more importantly, validate that an identifier does not exist in a 
database associated with a first or a second cancellation server where the second cancellation 
server is identified by the coordinating cancellation server and the first cancellation server 
interacts directly with the second cancellation server. Jules does not disclose or teach this type 
of cancellation server or this fimctional coordination between the coordinating cancellation 
server and all cancellation servers in communication with it. Bala does not remedy this lack. 
Although Bala may describe a mediation process that selectively processes collected decisions 
fi"om a number of software agents (see paragraphs 56 and 57) each agent of which mines data 
only from its associated server, the direct query of the database within a second cancellation 
server by the first cancellation server is not disclosed or taught by Jules or the combination of 

Page 11 of 13 



DOCKET NO.: MSFT-53 10/307233.01 
Application No.: 10/806,020 
Office Action Dated: May 6, 2009 



PATENT 



Jules and Bala. Thus, the combination of Juels, Landsman, and Bala does not provide the 
teaching to render claims 1 and 28 obvious. 

Regarding claim 12, the Office Action seems to assert that Juels provides the disclosure 
for "receiving a REJECT response directly from the second cancellation server communicatively 
coupled to the coordinating cancellation server as a result of the identifier being already present 
in a database of the second cancellation server" in Col. 13, lines 31-45, however, it does not. 
This disclosure in Juels relates to the entry of a single server into defensive mode upon becoming 
aware of an attack on the server. There is no disclosure for the management of a coordinating 
cancellation server in determining that an identifier is validated in multiple cancellation servers 
in direct communication with one another and a reject response generated if the puzzle is 
identified in a database in any of the cancellation servers, as recited in claim 12. Therefore, Juels 
does not provide the disclosure for at least this feature of claim 12. 

The Office Action looks to the Landsman reference to remedy this lack. However, 
Landsman is completely silent with regard to a coordinating cancellation server in 
communication with a plurality of cancellation servers for the validation of entries in databases 
maintained within the plurality of cancellation servers. Therefore, Landsman does not provide 
the disclosure to remedy the lack of teaching Juels for the claim features as recited in claim 12. 
Thus the combination of Juels and Landsman does not provide the teaching to render claim 12 
obvious. 

Claims 3-7, 10, 13-20, 29-31, 33, and 34 all depend, either directly or indirectly, from 
one of claims 1,12, and 28. As such, the applicants submit that these claims are patentable over 
the combination of the Juels and Landsman references for at least the same reasons as stated 
above with respect to claims 1,12, and 28. Accordingly, reconsideration and allowance are 
respectfully requested. 
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CONCLUSION 

For the forgoing reasons, Applicants respectfiiUy submit that the instant application is in 
condition for allowance. Reconsideration and early allowance is hereby respectfully requested. 



Date: August 4, 2009 /Joseph F. Oriti/ 

Joseph F. Oriti 
Registration No. 47,835 

Woodcock Washburn LLP 
Cira Centre 

2929 Arch Street, 12th Floor 
Philadelphia, PA 19104-2891 
Telephone: (215) 568-3100 
Facsimile: (215) 568-3439 
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